From fb3b2a6c6c85eb27a2a95a7c8b28ba484759b038 Mon Sep 17 00:00:00 2001 From: FoskyM Date: Fri, 13 Oct 2023 20:30:09 +0800 Subject: [PATCH] feat: add oauth group permission --- js/dist/admin.js | Bin 10967 -> 11151 bytes js/dist/admin.js.map | Bin 32671 -> 33040 bytes js/src/admin/index.js | 11 ++++++++++- locale/en.yml | 2 ++ locale/zh-Hans.yml | 2 ++ src/Api/Controller/ShowClientController.php | 9 ++++++++- src/Controllers/AuthorizeController.php | 5 +++++ 7 files changed, 27 insertions(+), 2 deletions(-) diff --git a/js/dist/admin.js b/js/dist/admin.js index d45ab951e49994f9979fc42cdff021044c6ec29b..13abde387c3a7e5897846283a375959101022126 100644 GIT binary patch delta 135 zcmcZ}+8@4QhL)LLQEGZ-aY<@XKx$ELW^r+5ex62kW^#U>l~P(_u|is+ZfS99k#1U1 zW@=tav64M9&;-%| diff --git a/js/dist/admin.js.map b/js/dist/admin.js.map index 21de8ca152871911b1fc02799a8a5e0dc4c8c62f..c11dd5b66dfaf9c84275ff450edc8156ee376684 100644 GIT binary patch delta 341 zcmbRLpK(GH(}urlYVMBCNs&6aPL9qlI?j&Hu0_r|-j0sGI>kT{zhY+{Uq?s(GPlW& ze8RHXE{@KoPUWsT;f{`xI+@Ont|>Z^j?Ruc?vAcro0-)A1_sCEDFA_9QEGZ-aY<@X zKx$ELW^r+5ex3$IrW!&iC}bw*=UFMJrzI9Eq$TQ>7N-{JrWIwT=A{&?>%i3HBqpWi zSWOlT5u5zJOhyxKmL5=fe12kSNrt*6TyX(h+G?_+qnII3jV?qDR7owAR>zRBGzHnX q`Cmmpn~jbVrrVWtl)z2_(g<6WVs(^?^Gl18Q-kvJOO&jXlxhK1q;4Sq delta 44 zcmbQx#5Dgu { app.extensionData .for('foskym-oauth-center') - .registerPage(SettingsPage); + .registerPage(SettingsPage) + .registerPermission( + { + icon: 'fas fa-user-friends', + label: app.translator.trans('foskym-oauth-center.admin.permission.use_oauth'), + permission: 'foskym-oauth-center.use-oauth', + }, + 'use-oauth', + 95 + ); }); diff --git a/locale/en.yml b/locale/en.yml index 10d94a3..064e788 100644 --- a/locale/en.yml +++ b/locale/en.yml @@ -1,5 +1,7 @@ foskym-oauth-center: admin: + permission: + use_oauth: Use OAuth page: index: home clients: Manage Clients diff --git a/locale/zh-Hans.yml b/locale/zh-Hans.yml index 556fb1b..de3d7b8 100644 --- a/locale/zh-Hans.yml +++ b/locale/zh-Hans.yml @@ -1,5 +1,7 @@ foskym-oauth-center: admin: + permission: + use_oauth: 使用 OAuth 授权 page: index: 首页 clients: 应用管理 diff --git a/src/Api/Controller/ShowClientController.php b/src/Api/Controller/ShowClientController.php index 5a64375..726246b 100644 --- a/src/Api/Controller/ShowClientController.php +++ b/src/Api/Controller/ShowClientController.php @@ -4,6 +4,7 @@ namespace FoskyM\OAuthCenter\Api\Controller; use Flarum\Api\Controller\AbstractListController; use Flarum\Http\RequestUtil; +use Flarum\User\Exception\NotAuthenticatedException; use Illuminate\Support\Arr; use Psr\Http\Message\ServerRequestInterface; use Tobscure\JsonApi\Document; @@ -16,7 +17,13 @@ class ShowClientController extends AbstractListController protected function data(ServerRequestInterface $request, Document $document) { $client_id = Arr::get($request->getQueryParams(), 'client_id'); - RequestUtil::getActor($request)->assertRegistered(); + + $actor = RequestUtil::getActor($request); + $actor->assertRegistered(); + + if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) { + throw new NotAuthenticatedException(); + } $client = Client::where('client_id', $client_id)->get(); diff --git a/src/Controllers/AuthorizeController.php b/src/Controllers/AuthorizeController.php index 7313f2a..2270376 100644 --- a/src/Controllers/AuthorizeController.php +++ b/src/Controllers/AuthorizeController.php @@ -9,6 +9,7 @@ * file that was distributed with this source code. */ namespace FoskyM\OAuthCenter\Controllers; +use Flarum\User\Exception\NotAuthenticatedException; use Flarum\User\User; use Flarum\Http\RequestUtil; use FoskyM\OAuthCenter\OAuth; @@ -33,6 +34,10 @@ class AuthorizeController implements RequestHandlerInterface $actor = RequestUtil::getActor($request); $actor->assertRegistered(); + if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) { + throw new NotAuthenticatedException(); + } + $params = $request->getParsedBody(); $oauth = new OAuth($this->settings);